Total
2153 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-1949 | 1 Mattermost | 1 Mattermost Server | 2024-12-13 | N/A | 2.6 LOW |
|
A race condition in Mattermost versions 8.1.x before 8.1.9, and 9.4.x before 9.4.2 allows an authenticated attacker to gain unauthorized access to individual posts' contents via carefully timed post creation while another user deletes posts.
|
|||||
| CVE-2024-26617 | 1 Linux | 1 Linux Kernel | 2024-12-12 | N/A | 7.0 HIGH |
|
In the Linux kernel, the following vulnerability has been resolved:
fs/proc/task_mmu: move mmu notification mechanism inside mm lock
Move mmu notification mechanism inside mm lock to prevent race condition
in other components which depend on it. The notifier will invalidate
memory range. Depending upon the number of iterations, different memory
ranges would be invalidated.
The following warning would be removed by this patch:
WARNING: CPU: 0 PID: 5067 at arch/x86/kvm/../../../virt/kvm/kvm_m ...
Show More |
|||||
| CVE-2023-52578 | 1 Linux | 1 Linux Kernel | 2024-12-11 | N/A | 7.0 HIGH |
|
In the Linux kernel, the following vulnerability has been resolved:
net: bridge: use DEV_STATS_INC()
syzbot/KCSAN reported data-races in br_handle_frame_finish() [1]
This function can run from multiple cpus without mutual exclusion.
Adopt SMP safe DEV_STATS_INC() to update dev->stats fields.
Handles updates to dev->stats.tx_dropped while we are at it.
[1]
BUG: KCSAN: data-race in br_handle_frame_finish / br_handle_frame_finish
read-write to 0xffff8881374b2178 of 8 bytes by interrupt on cpu ...
Show More |
|||||
| CVE-2024-32993 | 1 Huawei | 2 Emui, Harmonyos | 2024-12-11 | N/A | 5.6 MEDIUM |
|
Out-of-bounds access vulnerability in the memory module
Impact: Successful exploitation of this vulnerability will affect availability.
|
|||||
| CVE-2023-42959 | 1 Apple | 1 Macos | 2024-12-09 | N/A | 7.0 HIGH |
|
A race condition was addressed with improved state handling. This issue is fixed in macOS Sonoma 14. An app may be able to execute arbitrary code with kernel privileges.
|
|||||
| CVE-2024-32997 | 1 Huawei | 2 Emui, Harmonyos | 2024-12-09 | N/A | 8.4 HIGH |
|
Race condition vulnerability in the binder driver module
Impact: Successful exploitation of this vulnerability will affect availability.
|
|||||
| CVE-2023-52720 | 1 Huawei | 2 Emui, Harmonyos | 2024-12-09 | N/A | 4.1 MEDIUM |
|
Race condition vulnerability in the soundtrigger module
Impact: Successful exploitation of this vulnerability will affect availability.
|
|||||
| CVE-2024-47534 | 2024-11-21 | N/A | N/A | ||
|
go-tuf is a Go implementation of The Update Framework (TUF). The go-tuf client inconsistently traces the delegations. For example, if targets delegate to "A", and to "B", and "B" delegates to "C", then the client should trace the delegations in the order "A" then "B" then "C" but it may incorrectly trace the delegations "B"->"C"->"A". This vulnerability is fixed in 2.0.1.
|
|||||
| CVE-2024-7589 | 1 Freebsd | 1 Freebsd | 2024-11-21 | N/A | 8.1 HIGH |
|
A signal handler in sshd(8) may call a logging function that is not async-signal-safe. The signal handler is invoked when a client does not authenticate within the LoginGraceTime seconds (120 by default). This signal handler executes in the context of the sshd(8)'s privileged code, which is not sandboxed and runs with full root privileges.
This issue is another instance of the problem in CVE-2024-6387 addressed by FreeBSD-SA-24:04.openssh. The faulty code in this case is from the integration ...
Show More |
|||||
| CVE-2024-3979 | 2024-11-21 | 3.2 LOW | 4.4 MEDIUM | ||
|
A vulnerability, which was classified as problematic, has been found in COVESA vsomeip up to 3.4.10. Affected by this issue is some unknown functionality. The manipulation leads to race condition. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-261596.
|
|||||
| CVE-2024-35255 | 1 Microsoft | 2 Authentication Library, Azure Identity Sdk | 2024-11-21 | N/A | 5.5 MEDIUM |
|
Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability
|
|||||
| CVE-2024-33904 | 2024-11-21 | N/A | 7.0 HIGH | ||
|
In plugins/HookSystem.cpp in Hyprland through 0.39.1 (before 28c8561), through a race condition, a local attacker can cause execution of arbitrary assembly code by writing to a predictable temporary file.
|
|||||
| CVE-2024-32985 | 2024-11-21 | N/A | 5.9 MEDIUM | ||
|
Stellar-core is a reference implementation for the peer-to-peer agent that manages the Stellar network. Prior to 20.4.0, core nodes could be randomly crashed due to a race condition with a 3rd party library. The likelihood of affecting the network is low since crashed nodes come back up online right away. Code fix mitigation is part of Stellar-core v20.4.0 release
|
|||||
| CVE-2024-32908 | 1 Google | 1 Android | 2024-11-21 | N/A | 7.8 HIGH |
|
In sec_media_protect of media.c, there is a possible permission bypass due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2024-32899 | 1 Google | 1 Android | 2024-11-21 | N/A | 7.0 HIGH |
|
In gpu_pm_power_off_top_nolock of pixel_gpu_power.c, there is a possible compromise of protected memory due to a race condition. This could lead to local escalation of privilege to TEE with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2024-32891 | 1 Google | 1 Android | 2024-11-21 | N/A | 7.0 HIGH |
|
In sec_media_unprotect of media.c, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2024-2032 | 1 Zenml | 1 Zenml | 2024-11-21 | N/A | 3.1 LOW |
|
A race condition vulnerability exists in zenml-io/zenml versions up to and including 0.55.3, which allows for the creation of multiple users with the same username when requests are sent in parallel. This issue was fixed in version 0.55.5. The vulnerability arises due to insufficient handling of concurrent user creation requests, leading to data inconsistencies and potential authentication problems. Specifically, concurrent processes may overwrite or corrupt user data, complicating user identifi ...
Show More |
|||||
| CVE-2024-29863 | 2024-11-21 | N/A | 7.8 HIGH | ||
|
A race condition in the installer executable in Qlik Qlikview before versions May 2022 SR3 (12.70.20300) and May 2023 SR2 (12,80.20200) may allow an existing lower privileged user to cause code to be executed in the context of a Windows Administrator.
|
|||||
| CVE-2024-28999 | 1 Solarwinds | 1 Solarwinds Platform | 2024-11-21 | N/A | 6.4 MEDIUM |
|
The SolarWinds Platform was determined to be affected by a Race Condition Vulnerability affecting the web console.
|
|||||
| CVE-2024-26942 | 1 Linux | 1 Linux Kernel | 2024-11-21 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
net: phy: qcom: at803x: fix kernel panic with at8031_probe
On reworking and splitting the at803x driver, in splitting function of
at803x PHYs it was added a NULL dereference bug where priv is referenced
before it's actually allocated and then is tried to write to for the
is_1000basex and is_fiber variables in the case of at8031, writing on
the wrong address.
Fix this by correctly setting priv local variable only after
at803x_ ...
Show More |
|||||
| CVE-2024-26910 | 1 Linux | 1 Linux Kernel | 2024-11-21 | N/A | 4.7 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
netfilter: ipset: fix performance regression in swap operation
The patch "netfilter: ipset: fix race condition between swap/destroy
and kernel side add/del/test", commit 28628fa9 fixes a race condition.
But the synchronize_rcu() added to the swap function unnecessarily slows
it down: it can safely be moved to destroy and use call_rcu() instead.
Eric Dumazet pointed out that simply calling the destroy functions as
rcu callback ...
Show More |
|||||
| CVE-2024-24864 | 1 Linux | 1 Linux Kernel | 2024-11-21 | N/A | 5.3 MEDIUM |
|
A race condition was found in the Linux kernel's media/dvb-core in dvbdmx_write() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue.
|
|||||
| CVE-2024-24859 | 1 Linux | 1 Linux Kernel | 2024-11-21 | N/A | 4.6 MEDIUM |
|
A race condition was found in the Linux kernel's net/bluetooth in sniff_{min,max}_interval_set() function. This can result in a bluetooth sniffing exception issue, possibly leading denial of service.
|
|||||
| CVE-2024-23651 | 1 Mobyproject | 1 Buildkit | 2024-11-21 | N/A | 8.7 HIGH |
|
BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. Two malicious build steps running in parallel sharing the same cache mounts with subpaths could cause a race condition that can lead to files from the host system being accessible to the build container. The issue has been fixed in v0.12.5. Workarounds include, avoiding using BuildKit frontend from an untrusted source or building an untrusted Dockerfile containing cache mounts w ...
Show More |
|||||
| CVE-2024-23196 | 1 Linux | 1 Linux Kernel | 2024-11-21 | N/A | 5.3 MEDIUM |
|
A race condition was found in the Linux kernel's sound/hda device driver in snd_hdac_regmap_sync() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue.
|
|||||
| CVE-2024-22386 | 1 Linux | 1 Linux Kernel | 2024-11-21 | N/A | 5.3 MEDIUM |
|
A race condition was found in the Linux kernel's drm/exynos device driver in exynos_drm_crtc_atomic_disable() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue.
|
|||||
| CVE-2024-21601 | 1 Juniper | 1 Junos | 2024-11-21 | N/A | 5.9 MEDIUM |
|
A Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in the Flow-processing Daemon (flowd) of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (Dos).
On SRX Series devices when two different threads try to simultaneously process a queue which is used for TCP events flowd will crash. One of these threads can not be triggered externally, so the exploitation of this race co ...
Show More |
|||||
| CVE-2024-21307 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-11-21 | N/A | 7.5 HIGH |
|
Remote Desktop Client Remote Code Execution Vulnerability
|
|||||
| CVE-2024-20700 | 1 Microsoft | 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more | 2024-11-21 | N/A | 7.5 HIGH |
|
Windows Hyper-V Remote Code Execution Vulnerability
|
|||||
| CVE-2023-6857 | 5 Apple, Debian, Google and 2 more | 7 Macos, Debian Linux, Android and 4 more | 2024-11-21 | N/A | 5.3 MEDIUM |
|
When resolving a symlink, a race may occur where the buffer passed to `readlink` may actually be smaller than necessary.
*This bug only affects Firefox on Unix-based operating systems (Android, Linux, MacOS). Windows is unaffected.* This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121.
|
|||||
| CVE-2023-6200 | 1 Linux | 1 Linux Kernel | 2024-11-21 | N/A | 7.5 HIGH |
|
A race condition was found in the Linux Kernel. Under certain conditions, an unauthenticated attacker from an adjacent network could send an ICMPv6 router advertisement packet, causing arbitrary code execution.
|
|||||
| CVE-2023-6109 | 1 Yop-poll | 1 Yop Poll | 2024-11-21 | N/A | 5.3 MEDIUM |
|
The YOP Poll plugin for WordPress is vulnerable to a race condition in all versions up to, and including, 6.5.26. This is due to improper restrictions on the add() function. This makes it possible for unauthenticated attackers to place multiple votes on a single poll even when the poll is set to one vote per person.
|
|||||
| CVE-2023-5313 | 1 Phpkobo | 1 Ajax Poll Script | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
A vulnerability classified as problematic was found in phpkobo Ajax Poll Script 3.18. Affected by this vulnerability is an unknown functionality of the file ajax-poll.php of the component Poll Handler. The manipulation leads to improper enforcement of a single, unique action. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-240949 was assigned to this vulnerability.
|
|||||
| CVE-2023-52645 | 1 Linux | 1 Linux Kernel | 2024-11-21 | N/A | 4.7 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
pmdomain: mediatek: fix race conditions with genpd
If the power domains are registered first with genpd and *after that*
the driver attempts to power them on in the probe sequence, then it is
possible that a race condition occurs if genpd tries to power them on
in the same time.
The same is valid for powering them off before unregistering them
from genpd.
Attempt to fix race conditions by first removing the domains from genpd
...
Show More |
|||||
| CVE-2023-4732 | 2 Linux, Redhat | 10 Linux Kernel, Codeready Linux Builder, Codeready Linux Builder For Arm64 and 7 more | 2024-11-21 | N/A | 4.7 MEDIUM |
|
A flaw was found in pfn_swap_entry_to_page in memory management subsystem in the Linux Kernel. In this flaw, an attacker with a local user privilege may cause a denial of service problem due to a BUG statement referencing pmd_t x.
|
|||||
| CVE-2023-4642 | 1 Kamalkhan | 1 Kk Star Ratings | 2024-11-21 | N/A | 5.9 MEDIUM |
|
The kk Star Ratings WordPress plugin before 5.4.6 does not implement atomic operations, allowing one user vote multiple times on a poll due to a Race Condition.
|
|||||
| CVE-2023-4049 | 2 Debian, Mozilla | 2 Debian Linux, Firefox | 2024-11-21 | N/A | 5.9 MEDIUM |
|
Race conditions in reference counting code were found through code inspection. These could have resulted in potentially exploitable use-after-free vulnerabilities. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.
|
|||||
| CVE-2023-49786 | 2 Digium, Sangoma | 2 Asterisk, Certified Asterisk | 2024-11-21 | N/A | 7.5 HIGH |
|
Asterisk is an open source private branch exchange and telephony toolkit. In Asterisk prior to versions 18.20.1, 20.5.1, and 21.0.1; as well as certified-asterisk prior to 18.9-cert6; Asterisk is susceptible to a DoS due to a race condition in the hello handshake phase of the DTLS protocol when handling DTLS-SRTP for media setup. This attack can be done continuously, thus denying new DTLS-SRTP encrypted calls during the attack. Abuse of this vulnerability may lead to a massive Denial of Service ...
Show More |
|||||
| CVE-2023-49706 | 1 Linotp | 2 Linotp, Virtual Appliance | 2024-11-21 | N/A | 6.8 MEDIUM |
|
Defective request context handling in Self Service in LinOTP 3.x before 3.2.5 allows remote unauthenticated attackers to escalate privileges, thereby allowing them to act as and with the permissions of another user. Attackers must generate repeated API requests to trigger a race condition with concurrent user activity in the self-service portal.
|
|||||
| CVE-2023-48420 | 1 Google | 1 Android | 2024-11-21 | N/A | 6.4 MEDIUM |
|
there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
|
|||||